Malware Advisor is going to post information specifically related to adware, spyware and malware.
Most links will point to my forum, where all are invited to take part in discussion, seek assistance with malware removal and find out about the latest malware threats.

Thursday, August 31, 2006

SiteAdvisor Glitches

It would seem that McAfee SiteAdvisor has developed a bit of a hiccup with it's ratings system, or, perhaps their crawler has a bug in it.

These are obvious mistakes in the system somewhere. The SiteAdvisor group has been made aware of these mistakes and are taking action to correct them. It just won't be as fast as we would like.

I am rated as an 'Experienced Reviewer' and as such, my comments carry a little bit of weight in the ratings of sites. If you're aware of a site which needs some corrective commentary, be they good sites flagged as bad or visa versa, let me know and I'll work my mojo magic on them.

UPDATE: SiteAdvisor is attempting to whitelist these types of security forums and correct the problem.

11 comments:

Hi everyone, this is Tom from SiteAdvisor engineering. We just released a big new set of data with much better detection of adware/virus downloads. However, we also marked a lot of great security sites red accidentally. What happened is that as we expanded our crawling capacity to check more and more pages on sites, we ended up crawling forums. Naturally, a lot of forums have links to bad sites or bad downloads.

Unfortunately, we didn’t catch this before the data went live…the good news is that these results were only public for about 24 hours before we fixed them. Thanks to everyone who logged on to siteadvisor.com and left reviewer feedback—this was an important way for us to realize that something was wrong.

We’ve done a couple of things to make sure this doesn’t happen again:

1) we’ve taught our crawlers what forums look like and we ignore anything we find in them

2) we’ve added all of the security sites that we had these false-positives on to our QA regression tests to make sure they don’t accidentally go red again

3) we’re teaching our scoring systems that security sites are allowed to link to bad sites or to bad downloads without making the security site itself a bad site

Hi everyone, this is Tom from SiteAdvisor engineering. We just released a big new set of data with much better detection of adware/virus downloads. However, we also marked a lot of great security sites red accidentally. What happened is that as we expanded our crawling capacity to check more and more pages on sites, we ended up crawling forums. Naturally, a lot of forums have links to bad sites or bad downloads.

Unfortunately, we didn’t catch this before the data went live…the good news is that these results were only public for about 24 hours before we fixed them. Thanks to everyone who logged on to siteadvisor.com and left reviewer feedback—this was an important way for us to realize that something was wrong.

We’ve done a couple of things to make sure this doesn’t happen again:

1) we’ve taught our crawlers what forums look like and we ignore anything we find in them

2) we’ve added all of the security sites that we had these false-positives on to our QA regression tests to make sure they don’t accidentally go red again

3) we’re teaching our scoring systems that security sites are allowed to link to bad sites or to bad downloads without making the security site itself a bad site

Siteadvisor has marked the entire snafu.de domain (an ISP with thousands individual homepages) because of two downloads (cuteftp and gozilla). Thus, my freeware "Xenu's Link Sleuth" (search for it) is now falsely indirectly red-flagged by Siteadvisor. And the worst thing is that Siteadvisor is now integrated in yahoo search.

And yet, that search, if users are using SA, it has the green check mark next to it. Go figure.

Drop an email to both YaHoo and SA, see what they say. They will probably account it to a new system which still has some bugs in it, which on the one hand is expected, but on the other hand for you, not a very good situation to be in.

My news website was flagged yellow b/c of "email promotion", when I have done no such thing. Please go to the rating for thecoffeedesk.com and help me earn back a green rating, as my site is inaccessible from most schools since they run Bess as their internet filter, which blocks my site because it is run by Mcafee.

Please help me get out of this predicament any way you can, it would be much appreciated.

Update about my situation: after I talked to Yahoo, Siteadvisor and my ISP, the matter was solved after several weeks. My ISP removed the suspicious files from its ftp site, and yahoo and siteadvisor also corrected the rating. So I'm now "green".

A completely errant RED rating has happened to my site, bitsum.com, due to a anti-malware false alarm on my MakeService utility. There is no debate about the detection's legitimacy, it is an absolute false alarm. Due to this false alarm, I removed my MakeService utility a month or so ago. It wasn't one of my primary products, I was just offering it to be helpful to the community.

Anyway, McAfee is SO UNRESPONSIVE to this issue. I understand they get things wrong, but they need to correct them in a halfway expedient way. While they are taking their time, I am being run out of business.

They also had 2 other Yellow false alarms on my executable compressor, PECompact. Again, false alarms. These are of 95 downloads. Even with these false alarms, I shouldn't have got a RED rating I don't think. Many download sites have false alarms here and there and don't have RED ratings.

Yahoo SafeSearch says McAfee may take WEEKS to get this fixed. What the heck? Do they not care the damage they inflict?

Other AV companies that false alarmed on my software in the past have fixed those problems in an expedient fashion. McAfee, you have little to no legitimacy left (does that criticism mean I'll never go Green?)

You can add me to the list of people who've had a site incorrectly hit with a red mark. I have also run into McAfee's unresponsiveness, and while Yahoo! tosses around the quote of "a few weeks" to get things resolved, I have the paper trail to show that it takes months.

When I questioned McAfee about the ranking, they pointed to a particular page (a calendar listing events) on the site that had "e-mail addresses in plain text" and their report claims that they had posted on our site and gotten numerous spam messages in response. The first is demonstrably not true, and the second is questionable as event postings are human-moderated and bogus ones typically don't get through (and McAfee refused to identify any postings as theirs).

Right now I'm in agreement with the above statement that McAfee has no legitimacy left.